package com.sudo.api._admin;

import com.sudo.common.annotation.ApiAuthorization;
import com.sudo.common.enums.SysStatus;
import com.sudo.common.utils.HttpUserInfoUtil;
import com.sudo.common.utils.JsonRes;
import com.sudo.dao.admin.entity.SysButton;
import com.sudo.dao.admin.entity.SysMenu;
import com.sudo.dao.admin.model.bo.SysRoleButtonAuthBO;
import com.sudo.dao.admin.model.bo.SysRoleMenuAuthBO;
import com.sudo.starter.ratelimit.annotation.ApiIdempotent;
import com.sudo.service.admin.service.SysButtonService;
import com.sudo.service.admin.service.SysMenuService;
import com.sudo.service.admin.service.SysRoleService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;

/**
 * @author 为道日损 2020-06-30 11:39
 * webSite：https://www.sudo.ren
 */
@Api(value = "赋权接口",tags = {"角色赋权相关的接口"})
@RestController
@RequestMapping("roleAuth")
public class RoleAuthController extends AdminBaseController {

    @Resource
    private SysRoleService sysRoleService;

    @Resource
    private SysMenuService sysMenuService;

    @Resource
    private SysButtonService sysButtonService;


    @ApiIdempotent
    @ApiAuthorization(menu = "roleAuth",button = "update")
    @PostMapping("onOffRoleMenuAuth")
    @ApiOperation(value = "禁用角色菜单权限",notes = "禁用角色菜单权限",httpMethod = "POST")
    public JsonRes onOffRoleMenuAuth(@RequestBody @Validated SysRoleMenuAuthBO sysRoleMenuAuthBO,
                                     HttpServletRequest request) {
        String sessionUser = HttpUserInfoUtil.getSessionUser(request);
        if (!superName(sessionUser)) {
            return JsonRes.errorMsg("只允许超级管理员操作");
        }
        //不能禁用超级管理员权限
        if (superAdmin(sysRoleMenuAuthBO.getRoleCode())) {
            return JsonRes.errorMsg("不可禁用超级管理员权限");
        }
        SysMenu sysMenu = sysMenuService.getSysMenuByCode(sysRoleMenuAuthBO.getMenuCode());
        if (!SysStatus.ON.name().equals(sysMenu.getStatus())) {
            return JsonRes.errorMsg("当前菜单不可用");
        }
        int affectCount = 0;
        if (SysStatus.OFF.name().equals(sysRoleMenuAuthBO.getAction())) {
            affectCount = sysRoleService.offRoleMenuAuth(sysRoleMenuAuthBO);
        } else if (SysStatus.ON.name().equals(sysRoleMenuAuthBO.getAction())) {
            affectCount = sysRoleService.onRoleMenuAuth(sysRoleMenuAuthBO);
        }
        return JsonRes.judge(affectCount,"禁用角色菜单权限成功","禁用角色菜单权限失败");
    }



    @ApiIdempotent
    @ApiAuthorization(menu = "roleAuth",button = "update")
    @PostMapping("onOffRoleButtonAuth")
    @ApiOperation(value = "禁用角色按钮权限", notes = "禁用角色按钮权限", httpMethod = "POST")
    public JsonRes onOffRoleButtonAuth(@RequestBody @Validated SysRoleButtonAuthBO sysRoleButtonAuthBO,
                                       HttpServletRequest request) {
        String sessionUser = HttpUserInfoUtil.getSessionUser(request);
        if (!superName(sessionUser)) {
            return JsonRes.errorMsg("只允许超级管理员操作");
        }
        //不能禁用超级管理员权限
        if (superAdmin(sysRoleButtonAuthBO.getRoleCode())) {
            return JsonRes.errorMsg("不可禁用超级管理员权限");
        }
        SysButton sysButton = sysButtonService.getSysButtonByMenuButtonCode(sysRoleButtonAuthBO.getMenuCode(),sysRoleButtonAuthBO.getButtonCode());
        if (!SysStatus.ON.name().equals(sysButton.getStatus())) {
            return JsonRes.errorMsg("当前按钮不可用");
        }
        int affectCount = 0;
        if (SysStatus.OFF.name().equals(sysRoleButtonAuthBO.getAction())) {
            affectCount = sysRoleService.offRoleButtonAuth(sysRoleButtonAuthBO);
        } else if (SysStatus.ON.name().equals(sysRoleButtonAuthBO.getAction())) {
            affectCount = sysRoleService.onRoleButtonAuth(sysRoleButtonAuthBO);
        }
        return JsonRes.judge(affectCount,"禁用角色按钮权限成功","禁用角色按钮权限失败");
    }

    @GetMapping("getMyMenuCodeByRoleCode")
    @ApiOperation(value = "通过roleCode获取对应权限的menuCode",notes = "通过roleCode获取对应权限的menuCode",httpMethod = "GET")
    public JsonRes getMyMenuCodeByRoleCode(@RequestParam String roleCode) {
        Map<String, String> sysRoleMenuMap = sysRoleService.getMyMenuCodeByRoleCode(roleCode);
        return JsonRes.ok(sysRoleMenuMap);
    }
    @GetMapping("getPermission")
    @ApiOperation(value = "从redis中获取菜单对应的可用按钮权限",notes = "获取菜单可用按钮",httpMethod = "GET")
    public JsonRes getPermission(@RequestParam String menuCode, HttpServletRequest request) {
        String username = HttpUserInfoUtil.getSessionUser(request);
        Set<String> roleButtonSet = sysRoleService.getRolePermissionFromRedis(username,menuCode);
        Set<String> menuButtonSet = sysRoleService.getMenuPermissionFromRedis(menuCode);
        Map<String, Set<String>> setMap = new HashMap<>();
        setMap.put("roleButtonSet", roleButtonSet);
        setMap.put("menuButtonSet", menuButtonSet);
        return JsonRes.ok(setMap);
    }
}
